Discourse 2.1.0.beta3 Release Notes

New features in 2.1.0.beta3

List, revoke and reconnect associated accounts. Phase 1

One of the items on the roadmap for 2.1 is improving the handling of social logins. Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook. We have also added Google and will add other providers in the near future.


Part 2 of dashboard improvements

The implementation of the new administrative dashboard continues. A moderation tab with related charts and a list of a all moderators with their activity, such as flag status, edits to posts, and staff notes has been added

Selectable avatars

Now you can allow users to select avatars from a limited set of custom avatars, – choose your favorite images of kittens, dogs and whatever you like!

The new feature is already present in the #feature:announcements category, you will find the details here

Navigate to first post

A new setting per category allows administrators to send users to the first post of a topic instead of the last read post. Very useful for all those categories that contain guides or instructions that are continuously updated.

Auto bump category settings

You can now specify an auto-bump per category, so a certain number of open topics will get randomly bumped by the system account each day.

See details at:

Per-category approval settings

Thanks to xrav3nz, you can now require all submitted posts in a specific category to be confirmed by a moderator before they are posted.

Allow selecting a tag when moving posts to a new topic

When moving posts to a new topic, if tags are enabled, you can finally select a tag for the new topic.

Support for disabling tag creation for non-staff users has also been added to the site settings.

Responsive admin pages

There will be no more "oh noooo, I have to visit the admin page of my site from mobile! :face_with_symbols_over_mouth: "
The admin pages are designed to work best on a desktop or laptop or tablet, but now most of the admin pages also work reasonably well on a smartphone.

Second factor backup

Backup codes for 2FA have been implemented. After enabling backup codes, there is an option to print and store the backup codes. If lost, they can be reset. See here for more details:

Backup code can be used everywhere authentication code is required if device providing code is not available!

Send message when a user reaches tl1

By default all users promoted to TL1 will receive a Welcome TL1 User message. It is a way to interact with new users and encourage them to participate actively in the activities of the site, opening new topics and filling out their user profile. You can deactivate the site setting send tl1 welcome message as well as customize the message sent through /admin/customize/site_texts

Preview multiple color schemes in wizard

After the closure of our first theme contest, we have re-structured part of the initial wizard to make room for new themes and allow everyone to choose between various themes, not just light and dark. Try the new themes available by re-running the wizard! 🧙‍♂️

Allows to jump to a date in a topic

The “jump to” modal (accessible through # shortcut on a topic) has been improved with dates. From now on, just enter the date you want to go to jump to the closest post.



Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Security Updates

This beta also includes security fixes for issues reported by our community and HackerOne.

  • Force IM decoder based on file extension
  • Consider a private IP
  • Extra CORS headers should be set on correct host
  • Do not allow authentication with disabled plugin-supplied a… (#6071)
  • Category badges should HTML escape names
  • Prevents XSS when showing tooltip

Plugin improvements

Discourse Assign

  • Bug Fix

Discourse Voting

  • Bug Fix

Discourse Prometheus

  • Add link to GraphQL tracing doc
  • Added more useful metrics to be collected for delayed jobs
  • Add possibility to set custom_labels in multi-process mode
  • Add documentation for Sidekiq process info
  • Allow empty prefix for metrics running multi process mode

Wordpress Plugin

  • Add an optional ‘redirect’ parameter to the discourse_sso_client shortcode
  • Add a Login Link Redirect option to the SSO Client settings page
  • Add an optional stylesheet for fixing Discourse oneboxes and quotes in comments
  • Replace polls in comments with links to the poll
  • Add an option to cache all HTML that is generated by the plugin
  • Require confirmation before updating or unlinking a post that has been published to Discourse
  • Add a filter that can be used to bypass the sync_sso functionality

Discourse Azure Blob Storage

  • Fix plugin to work with recent changes in the discourse core

Discourse Auth Proxy

  • Discourse groups now are in CSV format instead of an array

Discourse Staff Notes

  • Improves staff note report support
  • Improves staff notes report to support dates
  • Do not try to add report to dashboard if disabled

Discourse Patreon Plugin

  • Improve the error message text
  • Add clickable link to the Patreon website
  • Create empty reward if default tier not exist
  • Compatibility with core social auth improvements
  • Bug Fix

Discourse Solved

  • If auto bump is enabled, do not bump solved

Data Explorer Plugin

  • Upgrade to mini_sql

Canned Replies Plugin

  • Bug Fix

Additional Features and Fixes

Click to expand

New Features

  • Allow auth plugins to have a site setting for full screen login
  • Displays a notice if report has no data (#6178)
  • Uses category-chooser for report filtering (#6174)
  • When a post is deleted because a moderator agreed with flags, send a message to the post author
  • Allows tag editing on mobile (#6148)
  • Webhook for user destroyed event (#6124)
  • Retry web hook when it is failed
  • Make the login error message more informative if cookies are disabled
  • Land on specified category page when creating topic via URL
  • Differentiates pms in moderators activity report (#6117)
  • Show modal when user without permissions tries to delete their own topic (#6086)
  • Add a Top Categories section to the user summary page, showing the categories in which a user has the most activity
  • Update TwitterApi for prettifying like/retweet count
  • Add custom S3 Endpoint and DigitalOcean Spaces/Minio support for Backups (#6045)
  • Secondary emails support.
  • Add data-username on user-info blocks
  • Groundwork for user-selectable theme components
  • Event on topic merge (#6057)
  • Update libv8 to version 6.7
  • MauiBot is abusive and is now blocked
  • Add a rake task to recalculate user stats post_count and topic_count
  • Create hidden posts for received spam emails (#6010)
  • Create hidden posts for received spam emails
  • Add search not operator for tags.
  • Drops with-email-link and replaces it by with-email-button
  • Add swipe detection for dismissing mobile topic scroller
  • New settings to control posts deletions rate limit
  • Rate limit post deletions to 50 per day
  • Allow author to delete posts irrespective of post_edit_time_limit
  • Simplifies the same day hour to hour use case in local dates
  • Add website field to SSO
  • Support referrerPolicy on embed iframe
  • Differentiate total and total for period on admin table report
  • Unconditionally consider TL0 users as “first day” users
  • Display report total value when showing report

Bug Fixes

  • Remove return statement from inside block
  • Remove plugin.enabled? checks at initialization time (#6166)
  • Destroy session between omniauth callbacks controller tests
  • Makes disk_space computation more resilient (#6172)
  • Refreshes disk_space on backup create/destroy (#6169)
  • Filter open-id logins by identifier
  • Don’t rely on setting data type read from database
  • Translation for default (light) color scheme was missing
  • Broken specs
  • Email template for “Queued Posts Reminder” was not found
  • Add User Api Key headers to CORS
  • Categories page crawler view had incorrect URLs
  • Popup-menu instantly closing (#6147)
  • Multiple select-kit fixes on mobile
  • Removes system from user to user report (#6144)
  • If exclude_category_ids is specified pass it through
  • Display tag related actions only if tagging is enabled. (#6136)
  • Discourse_merger: many foreign keys were not being updated
  • Fix dead link present in admin account registration instructions.
  • Takes old dashboard out of caching job
  • Takes dashboard-next out of caching job
  • Lazy load more reports in dashboard
  • Notify staff about whispers in watched categories (#6128)
  • Various select-kit corrections on mobile
  • Do not automatically infere date type (#6127)
  • Improves trending-search and top-referred on mobile
  • Topic owner should watch the new topic when moving posts to a new topic
  • Improves moderation tab on mobile (#6122)
  • Improves moderation tab reports alignments
  • Makes top dash titles clickable (#6120)
  • Removes uncessary reports loading (#6119)
  • Makes reports take full width (#6118)
  • Exceptions raised when editing replies were not displaying their error messages
  • Smaller sort buttons
  • Set uploads sequence after copying uplaods in discourse_merger
  • Clean URLs in SMF1 importer
  • [img] BBCode tags might have parameters
  • Don’t suggest groups when inviting to a topic (#6105)
  • Raise a better error in SiteSettings::TypeSupervisor.
  • Smf1 importer was swallowing some data
  • Allow Twitter videos to go fullscreen
  • Not checking for 0 correctly
  • Do not add a moderator post when post is flagged via direct message (#6100)
  • Stop race condition when topic notification jobs are scheduled during a database transaction
  • Discourse_merger: copied topic_link records had wrong url, and update all internal links to use new topic URLs in copied posts
  • Copy uploads quickly in discourse_merger.rb, and fix user avatar upload id for copied users
  • Do not update last seen time for suspended users
  • Do not show links with 0 click on topic map
  • Theme JS should only run when needed global objects exist (#6098)
  • Never block /srv/status which is used for health checks
  • Avatars in discourse_merger.rb
  • Errors when copying post_uploads in discourse_merger.rb
  • Inaccurate tracking of current topic
  • DROP NOT NULL instead of changing all the rows in the table.
  • Count subcategories in breadcrumbs
  • Category list should set category on topic
  • Set default on theme.key, if it has not yet been dropped (#6095)
  • Use email color settings consistently in notification emails
  • Create empty user_avatar row if not exist
  • Grammar/spelling error in server.en.yml (#6089)
  • Infers time from tz creator to ensure day shown is the one expected
  • Delay panning until we can determine direction
  • Support amazon S3 upload urls in discourse_merger.rb
  • Wrong url for default logos in header on subfolder installs
  • Do not validate topic deletions
  • Returns provider_not_enabled error even if enabled
  • jumpToPost no working on megatopics.
  • Select+below will ask server for post ids on megatopics.
  • /t/:topic_id/last route did not return any posts.
  • Selecting & moving posts not working on megatopics.
  • Badges for merged users don’t get merged by discourse_merger.rb
  • Personal messages not being copied by discourse_merger.rb
  • Change megatopic threshold to 10,000 posts
  • Hidden tooltip was preventing clicks on category settings input field
  • On initial load category subcategories were not mapped correctly
  • Display error message when upload fails in wizard
  • Display tables in posts history diff (#6032)
  • Datepicker will now default to monday as first day
  • Don’t attempt to bump draft sequence if no editor
  • ignored_columns was called twice.
  • Wrong site origin in message bus header
  • Invisible images and incorrect css on password reset and accept invite pages
  • Broken image on password reset page on subfolder installs
  • Wizard emoji images on subfolder installs
  • Ignore self-quotes from the same post when saving (#6082)
  • Rename User#usernames that clashes with Group#name. (#6069)
  • Also count sub categories in hamburger when needed
  • If s3 set via global setting bypass config check in UI
  • Mixed texts when mixing rtl/ltr text in topic tile on categories page
  • Mobile /admin/users style fixes
  • Discourse.S3BaseUrl did not account for subfolder bucket names.
  • Upload.get_from_url not respective subfolder in s3 bucket names.
  • Update mini_racer corrects erratic segfaults
  • Removes UTC conversion when date and no time
  • Mobile /admin/users page adjustments
  • Responsive admin adjustments
  • Mentions broken after adding an <abbr> tag
  • Uses a non cooked to emoji arrow for local dates ranges
  • Only show the sequential replies warning for regular posts
  • Less aggressive gmail eliding
  • Properly delete files in the download cache
  • User topic and post counts can become negative when staff deletes posts in personal messages
  • Mobile topic-timer adjustments
  • Do not use scheduler for uploading csv file for invite
  • BackupRestore::Backuper#remove_tar_leftovers not cleaning up files.
  • Unable to add new webhook if the webhooks list is empty
  • Move crawler blocking into anon cache
  • Move crawler blocking to app controller
  • Allow multiple secondary emails
  • Update test to match new admin layout
  • Update test to match admin layout changes
  • Removes inline styles applied to “all categories” in category dropdown
  • Only change to time format when dealing with today’s time
  • Add pan direction data, do not activate pan when event is not vertical
  • Disabled topic timeline panning on desktop
  • Fix badge count of other users. (#6016)
  • Avoid destroy_all in Jobs::CleanUpUploads.
  • Makes large images in polls responsive
  • Composer popup close link overlaps with text
  • Ensures correct icon is displayed on mobile upload shortcut button
  • Discourse_merger halts when topic has nil category
  • Minor micro data fixes
  • Purge unactivated users with a message from non-human users
  • Low contrast issues for dark themes in edit history modal
  • Use logo_url settign when present for mobile layout instead of site name
  • Recovering a post does not insert it back into the stream correctly.
  • Prevent ambigous column errors when joining TopicView queries.
  • Raise invalid params for bad callback
  • Return status 400 for invalid member params
  • Don’t replace the wiki button if the user can’t edit
  • Scope the cn to the subfolder
  • Post deletions rate limit per day was not working
  • Invert from and to user id in smf1 import script
  • Use the correct notification levels titles for PMs
  • Allow staff to remove tags from queued topics
  • Scroll to top when accessing admin dashboard
  • Makes select-kit match searches with accents (filter and content)
  • Missing translations for mobile flag modal
  • Megatopics forced into summary mode when loading posts.
  • ListItem can’t have itemprop=url and itemprop=item together
  • Allows more chars than a-z in select-kit
  • Makes sure category and tag drop headers have a title
  • Rails.logger isn’t always available when loading plugin locales
  • Users can’t “show all posts” in forced summary topics.

UX Changes

  • Clear topic timer text when manually closing/opening (#6123)
  • Clear topic timer text when manually closing/opening
  • Open the change avatar modal when clicking the profile picture
  • Auto fix order when reordering categories (#6149)
  • Drop ‘fix order’ and auto re-order subcategory
  • Don’t show the avatar section when overriden by SSO
  • Skip the modal and refresh the app when selecting an avatar
  • Use future date input instead of date picker on feature topic modal (#6096)
  • Use the pointer cursor when hovering over a selectable avatar
  • Reload the page when changing avatar
  • Adjust positioning of auto complete vertical
  • Clicking admin menu does not hide select posts box.
  • Don’t repeat category name in topnav
  • Make sure autocomplete does not render off screen
  • Focus on new topic link that appears on the page via keyboard. (#6081)
  • Timeline lookup on mega topics should use date of current post.
  • Show custom footer on user activity and preferences pages (#6080)
  • Category description display issue
  • Adds flexbox to topic user name fields on mobile
  • Keyboard shortcuts (j/k) should work with /categories
  • Don’t display an empty participants section.
  • Don’t display participants count if it is zero.


  • Split loading of posts to speed up user renames
  • Move EmailLog#reply_key into new post_reply_keys table.
  • Split skipped email logs into a seperate table.
  • Tune indexes to speed up lookup for bounced email.
  • Store EmailLog#reply_key as uuid data type.
  • Store EmailLog#bounce_key as uuid data type. (#6093)
  • Store EmailLog#bounce_key as uuid data type.
  • Add missing index on user_id for user_second_factors table.
  • Make mega topics work without a stream.
  • Do not carry post ids in memory when rebaking all posts
  • Reduce querying when creating notifications
  • Drop support for gaps in mega topics.
  • We have no use for topic percent rank
  • Do not calculate gaps for TopicViewPostsSerializer.
  • Scanning the id for this is signficantly slower in production
  • Update TopicView#participant_count to use Topic#posts_count.
  • Don’t pluck all the columns just to retrieve a single value.
  • Send down gaps as the relevant posts load instead of front loading.
  • Don’t include entire post stream when we’re loading more posts.